Certificate

$ rpki-client -vvf rpki.co/repo/AS945/1/7E33A908D6350A322FA03630A59582A284A95C5D.cer
File:                     7E33A908D6350A322FA03630A59582A284A95C5D.cer (raw, json)
Hash identifier:          nIUQBD17ZR1TfesFiITs7R8M/RFRbmIXDgx8zParWUw=
Subject key identifier:   7E:33:A9:08:D6:35:0A:32:2F:A0:36:30:A5:95:82:A2:84:A9:5C:5D
Authority key identifier: 66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6
Certificate issuer:       /CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
Certificate serial:       10F0D412A24FD9C594AA6B53ACD0F8562F3F1947
Authority info access:    rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
Manifest:                 rsync://rpki.co/repo/Bee/1/7E33A908D6350A322FA03630A59582A284A95C5D.mft
caRepository:             rsync://rpki.co/repo/Bee/1/
Notify URL:               https://rrdp.rpki.co/rrdp/notification.xml
Certificate not before:   Tue 23 Apr 2024 08:09:13 +0000
Certificate not after:    Tue 22 Apr 2025 08:14:13 +0000
Subordinate resources:    IP: 2a12:dd47:da00::/40

Validation:               OK
Signature path:           rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 20 Jun 2024 09:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:f0:d4:12:a2:4f:d9:c5:94:aa:6b:53:ac:d0:f8:56:2f:3f:19:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
        Validity
            Not Before: Apr 23 08:09:13 2024 GMT
            Not After : Apr 22 08:14:13 2025 GMT
        Subject: CN=7E33A908D6350A322FA03630A59582A284A95C5D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:18:e7:ee:5a:2d:54:7c:94:2c:29:91:76:74:
                    7a:a0:6d:29:f0:1e:da:8e:ca:a3:9a:8f:0a:5b:cb:
                    fe:61:e6:fe:de:52:7c:8d:74:7c:7c:2c:82:a8:df:
                    3e:a3:d7:5b:93:77:34:b4:84:12:ed:a5:89:79:d1:
                    ce:49:a7:91:98:84:16:91:e3:3e:eb:9f:b1:90:00:
                    82:f3:5f:68:55:d1:87:73:c4:52:57:bd:b2:29:e4:
                    ef:40:ed:66:7c:e2:8d:cf:5a:70:b5:f9:dd:3c:50:
                    8e:f4:f0:41:41:e2:f0:d7:9e:64:9e:90:eb:b3:6a:
                    a1:7d:a0:05:ef:f5:e7:2a:2d:b8:0e:a4:ae:a2:c9:
                    e5:00:61:2b:b4:01:a1:01:ee:d1:b8:da:02:f9:21:
                    57:49:e5:52:e1:7d:08:fa:0c:9d:42:e8:49:d5:15:
                    61:cd:47:5f:51:63:ca:9b:63:0f:e5:79:72:6f:3a:
                    69:77:d2:ac:dd:3f:79:da:60:ea:7b:e5:bc:4e:f3:
                    43:a1:e3:0e:08:1d:4e:53:28:4f:d5:06:8b:82:f0:
                    15:c2:e6:e2:88:13:a6:ae:8f:6a:9c:28:24:42:ae:
                    0d:fe:8b:9b:ec:38:d4:13:d8:e5:25:0c:6d:e9:0d:
                    d3:55:b8:52:89:e3:03:53:ef:f0:2f:b1:b7:ae:69:
                    e8:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                7E:33:A9:08:D6:35:0A:32:2F:A0:36:30:A5:95:82:A2:84:A9:5C:5D
            X509v3 Authority Key Identifier:
                keyid:66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.co/repo/Bee/1/
                RPKI Manifest - URI:rsync://rpki.co/repo/Bee/1/7E33A908D6350A322FA03630A59582A284A95C5D.mft
                RPKI Notify - URI:https://rrdp.rpki.co/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:da00::/40

    Signature Algorithm: sha256WithRSAEncryption
         2f:2c:04:fc:2f:55:53:2f:da:7d:68:d6:a4:19:77:27:b7:c8:
         87:88:3c:1a:1f:92:18:a6:99:94:72:36:7b:a3:0b:ca:c3:a6:
         27:d8:2d:5c:7e:de:55:db:8b:16:4f:01:18:3a:c4:e7:69:4f:
         d2:e6:31:01:9e:dd:de:71:12:de:d1:03:30:41:b8:7c:06:37:
         25:be:70:3c:bd:90:08:47:0b:9a:13:bb:77:fb:15:c6:0c:a4:
         14:8e:54:9e:f4:b5:e0:cc:fa:70:90:23:fb:25:0a:f0:d7:6f:
         22:c6:34:29:ff:7c:c8:0a:30:4c:13:0a:56:52:ef:6a:74:e6:
         3c:69:35:f1:d1:1e:92:11:8e:f5:f3:0d:36:50:dd:a5:ce:71:
         06:42:c1:b6:d1:85:e1:ce:e2:4b:63:33:f2:5e:2e:4d:c5:31:
         5b:6b:3b:ba:98:c8:b5:15:d0:52:3f:1a:e0:3c:7e:02:6d:87:
         41:28:19:80:00:2a:d9:54:56:77:96:d4:05:72:c5:d9:29:cb:
         00:e4:25:1e:5f:1c:91:41:e4:67:7a:4f:0e:5f:b9:6a:38:6f:
         03:2d:3a:f5:0e:19:0e:2d:9d:75:b2:8e:96:65:3e:1d:7d:c6:
         7d:59:36:cc:a0:e7:8c:f8:c9:7c:ce:8a:27:f1:d6:33:b1:a5:
         21:b3:76:5a
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUEPDUEqJP2cWUqmtTrND4Vi8/GUcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjYwNDI4OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJG
RDk5RjNFNjAeFw0yNDA0MjMwODA5MTNaFw0yNTA0MjIwODE0MTNaMDMxMTAvBgNV
BAMTKDdFMzNBOTA4RDYzNTBBMzIyRkEwMzYzMEE1OTU4MkEyODRBOTVDNUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyGOfuWi1UfJQsKZF2dHqgbSnw
HtqOyqOajwpby/5h5v7eUnyNdHx8LIKo3z6j11uTdzS0hBLtpYl50c5Jp5GYhBaR
4z7rn7GQAILzX2hV0YdzxFJXvbIp5O9A7WZ84o3PWnC1+d08UI708EFB4vDXnmSe
kOuzaqF9oAXv9ecqLbgOpK6iyeUAYSu0AaEB7tG42gL5IVdJ5VLhfQj6DJ1C6EnV
FWHNR19RY8qbYw/leXJvOml30qzdP3naYOp75bxO80Oh4w4IHU5TKE/VBouC8BXC
5uKIE6auj2qcKCRCrg3+i5vsONQT2OUlDG3pDdNVuFKJ4wNT7/AvsbeuaehVAgMB
AAGjggIuMIICKjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR+M6kI1jUKMi+g
NjCllYKihKlcXTAfBgNVHSMEGDAWgBRmBCicfjngjhrhJVzuc8Bb/Znz5jAOBgNV
HQ8BAf8EBAMCAQYwWgYDVR0fBFMwUTBPoE2gS4ZJcnN5bmM6Ly9ycGtpLmNvL3Jl
cG8vQVM5NDUvMS82NjA0Mjg5QzdFMzlFMDhFMUFFMTI1NUNFRTczQzA1QkZEOTlG
M0U2LmNybDBlBggrBgEFBQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vZGV2
LnR3L3Jwa2kvQXVndXN0LzUvNjYwNDI4OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0Mw
NUJGRDk5RjNFNi5jZXIwgcYGCCsGAQUFBwELBIG5MIG2MCcGCCsGAQUFBzAFhhty
c3luYzovL3Jwa2kuY28vcmVwby9CZWUvMS8wUwYIKwYBBQUHMAqGR3JzeW5jOi8v
cnBraS5jby9yZXBvL0JlZS8xLzdFMzNBOTA4RDYzNTBBMzIyRkEwMzYzMEE1OTU4
MkEyODRBOTVDNUQubWZ0MDYGCCsGAQUFBzANhipodHRwczovL3JyZHAucnBraS5j
by9ycmRwL25vdGlmaWNhdGlvbi54bWwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO
AjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoS3UfaMA0GCSqGSIb3DQEB
CwUAA4IBAQAvLAT8L1VTL9p9aNakGXcnt8iHiDwaH5IYppmUcjZ7owvKw6Yn2C1c
ft5V24sWTwEYOsTnaU/S5jEBnt3ecRLe0QMwQbh8BjclvnA8vZAIRwuaE7t3+xXG
DKQUjlSe9LXgzPpwkCP7JQrw128ixjQp/3zICjBMEwpWUu9qdOY8aTXx0R6SEY71
8w02UN2lznEGQsG20YXhzuJLYzPyXi5NxTFbazu6mMi1FdBSPxrgPH4CbYdBKBmA
ACrZVFZ3ltQFcsXZKcsA5CUeXxyRQeRnek8OX7lqOG8DLTr1DhkOLZ11so6WZT4d
fcZ9WTbMoOeM+Ml8zoon8dYzsaUhs3Za
-----END CERTIFICATE-----
Generated at Wed Jun 19 14:28:34 2024 by rpki-client on console-ams.rpki-client.org